Jason Rutherglen wrote:
I implemented an RMI protocol using Hadoop IPC and implemented basic HMAC signing. It is I believe faster than public key private key because it uses a secret key and does not require public key provisioning like PKI would. Perhaps it would be a baseline way to sign the data.
That should work for authenticating messages between (trusted) nodes. Presumably the ipc.key value could be set in the Conf and all would be well.
External job submitters shouldn't be given those keys; they'd need an HTTP(S) front end that could authenticate them however the organisation worked.
Yes, that would be simpler. I am not enough of a security expert to say if it will work, but the keys should be easier to work with. As long as the configuration files are kept secure, your cluster will be locked.
However, HDFS uses HTTP to serve blocks up -that needs to be locked down too. Would the signing work there?
-steve
